Description
➹ New Feature implementation request
For nuclei, we have an auto-update system for the templates that downloads them on a regular basis and writes them to a persistent volume which is being pulled into every nuclei scan. This avoids the problem of rate limiting by the GitHub API (where the files are hosted).
Since trivy also downloads the rulesets from GitHub, it has the same issues as Nuclei. It would be nice if the same functionality for centralized downloading were added to the trivy scan type. However, we should consider turning it off by default because not all k8s clusters support the type of volume that the system uses, leading to errors when launching scans.
Alternative: trivy has a ruleserver functionality that does this for us (already documented in our documentation for the scan type). However, this rule server is currently only supported for scans of containers. All other scan types (like FS scans) cannot use the server (see this issue in the trivy repo for the current state).